package cn.lx.auth.secutity.config;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.web.util.matcher.RequestMatcher;

import javax.servlet.http.HttpServletRequest;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;

/**
 * @ClassName CsrfSecurityRequestMatcher
 * @Description: //todo
 * @Author: 落雪
 * @CreateDate: 2025/7/14 23:17
 * @UpdateUser: 落雪
 * @UpdateDate: 2025/7/14 23:17
 * @UpdateRemark:
 * @Version: 1.0
 */
public class CsrfSecurityRequestMatcher implements RequestMatcher {
    protected Log log = LogFactory.getLog(this.getClass());
    private Pattern allowedMethods = Pattern.compile("^(GET|HEAD|TRACE|OPTIONS)$");
    private List<String> execludeUrls;

    public CsrfSecurityRequestMatcher() {
    }

    @Override
    public boolean matches(HttpServletRequest request) {
        if (this.execludeUrls != null && this.execludeUrls.size() > 0) {
            String servletPath = request.getServletPath();
            Iterator var3 = this.execludeUrls.iterator();

            while(var3.hasNext()) {
                String url = (String)var3.next();
                if (servletPath.contains(url)) {
                    return false;
                }
            }
        }

        return !this.allowedMethods.matcher(request.getMethod()).matches();
    }

    public List<String> getExecludeUrls() {
        return this.execludeUrls;
    }

    public void setExecludeUrls(List<String> execludeUrls) {
        this.execludeUrls = execludeUrls;
    }
}

